Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?

An incident response team found IoCs in a critical server. The team needs to isolate and collect technical evidence for further investigation.

Which of the following pieces of data should be collected first in order to preserve sensitive information before isolating the server?
A . Hard disk
B. Primary boot partition
C. Malicious tiles
D. Routing table
E. Static IP address

Answer: A

Explanation:

The hard disk is the piece of data that should be collected first in order to preserve sensitive information before isolating the server. The hard disk contains all the files and data stored on the server, which may include evidence of malicious activity, such as malware installation, data exfiltration, or configuration changes. The hard disk should be collected using proper forensic techniques, such as creating an image or a copy of the disk and maintaining its integrity using hashing algorithms.

Latest CS0-003 Dumps Valid Version with 128 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments